By default, every file whose name ends with ‘.gpg’ will be treated as encrypted. That is, when you open such a file, the decrypted text is inserted in the buffer rather than encrypted one. Similarly, when you save the buffer to a ‘foo.gpg’ file, encrypted data is written.
The file name pattern for encrypted files can be controlled by epa-file-name-regexp.
You can disable this behavior with M-x epa-file-disable, and then get it back with M-x epa-file-enable.
By default, epa-file will try to
use symmetric encryption, aka password-based encryption. If you
want to use public key encryption instead, do M-x
epa-file-select-keys, which will pops up the key selection
dialog.
Select recipient keys to encrypt the currently visiting file with public key encryption.
You can also change the default behavior with the variable epa-file-select-keys.
For frequently visited files, it might be a good idea to tell
Emacs which encryption method should be used through See File Variables.
Use the epa-file-encrypt-to local variable for this.
For example, if
you want an Elisp file should be encrypted with a public key
associated with an email address ‘ueno@unixuser.org’, add the following
line to the beginning of the file.
;; -*- epa-file-encrypt-to: ("ueno@unixuser.org") -*-
|
Instead, if you want the file always (regardless of the value
of the epa-file-select-keys variable) encrypted with
symmetric encryption, change the line as follows.
;; -*- epa-file-encrypt-to: nil -*-
|
Other variables which control the automatic encryption/decryption behavior are below.